1. Field of the Invention
The present invention relates to managing a rights object, and more particularly, to an apparatus and method for managing a rights object by backing up and restoring the rights object between a host device and a multimedia card.
2. Description of the Related Art
Generally, a rights object (RO) is information needed to legitimately use digital content, which has to be stored and managed in a secure way. A secure multimedia card is storable and portable, which stores digital content or moves it to another device, thereby enabling the digital content to be efficiently used. A current user can buy and use digital content and an RO. However, if the RO is damaged or lost, the user cannot use the purchased digital content. In order to prevent infringement of consumers' rights, backup of the RO is required.
On the assumption that backup of an RO is a copy of data, there is a possibility of a copy of the RO in the backup and restoration process. Accordingly, there are many restrictions in order to prevent the copy of the RO.
FIG. 1 illustrates a configuration of a related art apparatus for backing up an RO.
A process of backing up an RO to a secure multimedia card in a host A will be described in the following.
When a user backs up an RO (S11), if the RO has no backup permission, the process is terminated. In order to restore the backup RO only to a host device (an original device) that performs a backup, the corresponding host device is encrypted using a public key. Here, the RO having backup permission cannot be moved to another device (e.g., a host B), unless the backup RO is removed. If the original RO is moved to another device, there is a possibility of a copy of the RO when the RO is restored.
A process of restoring the backup RO from the secure multimedia card to the host A will be described in the following.
The device in which the backup RO is stored is connected to the original device (i.e., the host A), and the backup RO is restored (S12). Here, the backup RO is free to move to other devices (e.g., hosts B and C), but can be restored only to the original device.
When the backup RO is decrypted using an individual key of the original device, the restoration of the RO is completed.
In the related art apparatus, the backup RO can be restored only to the host device that performed the backup, and the RO having backup permission cannot be moved from the host device to another device, which are problems.
FIG. 2 illustrates a process of copying an RO using a related art 1-pass rights object acquisition protocol (ROAP) process. Here, because the 1-pass ROAP process cannot receive a response from a host device, mutual authentication is not possible. The host device receives all of transmitted data, which presents a security problem.
A rights issuer issues an RO to a host A via the 1-pass ROAP process (S21). At this time, an unauthorized device that exists inside or outside of the host A copies and stores the issued RO (S22).
When the host A moves the issued RO to a host B (S23), the unauthorized device issues the stored RO to the host A via the 1-pass ROAP process (S24). Hence, the copied ROs remain in the hosts A and B.
Accordingly, the RO issued via the 1-pass ROAP process can be reproduced, and is easily copied by unauthorized devices, which are problems.
Korean Unexamined Patent Publication No. 2005-0109420 (Dealing Method of Digital Literary Work for Protecting Copyright) discloses a method of backing up digital content and rights information of the digital content to a specific storage medium, enabling only a specific device to restore the backed up digital content, and playing the digital content according to the rights information, but does not disclose a method of moving an RO freely, backing up and restoring an RO safely.